Wednesday, June 29, 2005

Do Something But We Think You'll Screw Up Anyway

These statements, taken from an article from CNN.COM, show people’s feelings on spam, computer viruses, phishing and other nasty things arriving in your inbox.

  • "71 percent of people believe Congress needs to pass new laws to keep the Internet safe"

  • "They don't have a lot of confidence that Congress will do the right thing"

Actually both statements are true and were proved in the last 18 months by CAN-SPAM and its aftermath. Congress did something (fulfilling the desires of the 71%) but spam has not diminished (see the second CNN snippet again).

The old BR549 song almost seems to be a Congressional Motto at times… “Sometimes you gotta do something even if it’s wrong”.

Just as morality cannot be legislated, Congressmen passing “feel-good”, “see-we-care” laws have zero effect on folks sitting in front of their spamming / phishing / zombie producing computers in far away lands.

As a firm believer in a layered protection approach to email, I know that all the legalese will never match good email filtering at all levels from ISP, through mail servers to our own inboxes.

AAS

posted by CMS Blog Master @ 10:51 AM 0 comments  

Wednesday, June 22, 2005

The One in 1 Million False Positive Rate

I’m a little late with this week but hey, it’s summer: golf, swimming, baseball and an occasional blog. So here’s the “occasional” blog.

From a Ferris Research item, “Spam Control--Realistic Performance Today” came the following…

It may be true that a given vendor can achieve a one in 1 million false positive rate, but if so, it does so at the expense of letting more spam through. The higher the proportion of spam that you catch, the higher the false positive rate”.

True! True! True! And in case I didn’t make my point… TRUE!

This enforces what I cited in an earlier blog titled “The 1/3 Rule of Life (and spam)”. How well an administrator tunes their corporate antispam operations (server-based software, appliance or off-site service) determines how well a spam filter works.

CMS studies have shown that training Bayesian filters on actual messages greatly reduces false positive rates. Last time I looked Praetor’s false positive rate inhouse at CMS was around 0.027%.

Since we know that everything requires administration, how easily a Bayesian filter is trained is a high priority question.

  • Is training done in-house or must spam messages be forwarded to an outside service provider for processing?
  • Is Bayesian training done immediately, as you require it, or are your spam samples put into a queue with other companies and organizations?
Let me re-enforce these points. Believing that you get “one in 1 million false positive” indicates…

  • You are dreaming
  • You are flooded in spam

AAS

posted by CMS Blog Master @ 2:15 PM 0 comments  

Monday, June 13, 2005

Unsubscribing Using The Blacklist Method

…many people use anti-spam programs as a way to avoid having to remember how to unsubscribe from unwanted newsletters” -- Security Watch 6/6/2005.

After a little laugh at this, I really wasn’t sure what to think.

Laziness? Consider that at the bottom of every newsletter is a link to unsubscribe. I guess to find that link would mean reading the newsletter.

Overwork? The ever popular “I don’t have time” precludes us from clicking the “unsubscribe” link but not the “add to blacklist” link.

Fear? Has the antispam mantra “Don’t click on unsubscribe” sunken in so far that people are afraid to click unsubscribe even from legitimate concerns?

Habit? We get so much spam in some mailboxes that the “add to blacklist” click is second nature (in this case, you need a new spam filter).

AAS

posted by CMS Blog Master @ 10:14 AM 1 comments  

Monday, June 06, 2005

Retroactively Editing Reality

I found an interesting article on a spam service trying to erase its spamming past ... Spam-fighting service tries to airbrush past

I love this quote from the article... "retroactively editing reality". It would be nice if we could all remove evidence of past mistakes. A historical record, altered and cleaned with 20/20 hindsight.

There's several "letters-to-the-editor" I think I'd like removed from my more activist past of 30 years ago.

While historical evidence can be interpreted differently, the basic documents should remain unaltered and untouched by hindsight revisions.

AAS

posted by CMS Blog Master @ 10:07 AM 0 comments  

Friday, June 03, 2005

Praetor Summer Sizzle

CMS has a great summer bonus for existing Praetor Messaging Firewall customers.

Through the Praetor Summer Sizzle program, companies and organizations that have grown can now take advantage of significant discounts in Add-On Licenses.

Perfect time to keep your Praetor licensing in compliance.

AAS

posted by CMS Blog Master @ 10:33 AM 2 comments